DDraceNetwork - developer

hi

00:20

On Thursday, September 30 DDNet reached its ten millionth finish. It was by [MaKaBaKa](https://ddnet.tw/players/MaKaBaKa/) on the map [Cool](https://ddnet.tw/maps/Cool/) on 2021-09-30 14:26:48 UTC+2.

00:20

add a comma after 30 i think

00:21

maybe change on 2021-09-30 14:26:48 UTC+2. to at 14:26:48 UTC+2. since you already mentioned the date

00:22

everything else is good imo

00:22

@heinrich5991

heinrich5991

[ddnet/ddnet-web] Pull request closed: #143 Ten million finishes

00:24

heinrich5991

[ddnet-web:master] 2 new commits

ac02b52 Ten million finishes - heinrich5991 75f0a9f Ten millionth finish proofread by louis - heinrich5991

thanks

heinrich5991

[ddnet-web:master] 1 new commit

a5d019e Ten millionth finish: Fix image link - heinrich5991

ddnet-maps

[ddnet-maps:master] 1 new commit

1ece562 M Jao Shooter - ddnet-maps

its hacktoberfest

06:18

https://hacktoberfest.digitalocean.com/

Hacktoberfest '21

Hacktoberfest presented by DigitalOcean

finally

heinrich5991

@murpi still awake and can review? ^

cool \o/

https://twitter.com/Sinoc229/status/1445639261974261766?t=FNtw7hqUe_Z2bo-cxXKGzA&s=19

Sinoc (@Sinoc229)

https://t.co/7vTDeRA9vt got leaked. Like, the entire website; Source code with comments for the website and various console/phone versions, refrences to an unreleased steam competitor, payouts, encrypted passwords that kinda thing. Might wana change your passwords.

Retweets

5753

Likes

7026

10:50

wild

use a password manager and randomly generated passwords!

2

that's crazy

That's the Price for allowing hot tub and hypersexual content feelspepoman

, killing the platform (edited)

3

heinrich5991

use a password manager and randomly generated passwords!

which one do u use

Bitwarden mvp

KeePassXC

https://keepassxc.org/

KeePassXC Password Manager

1

bitwarden

ReiTW

That's the Price for allowing hot tub and hypersexual content feelspepoman

, killing the platform (edited)

That is what makes money :)

12:34

I migrated to bitwarden when lastpass went full capitalist. Fairly happy with it

Ryozuki

which one do u use

notebook irl

@gerdoe u cant copy paste lengthy passwords that way

use 1234

13:26

i switched to keepassxc

13:29

i wasnt using any password manager xd

13:29

now im using 60+ length passwords monkalaugh

def-

[ddnet-web:master] 1 new commit

e5b583b Remove USA1 - def-

the big brain thing to do is using password the letter on your keyboard like qwertyuiop etc

@Ryozuki I'm using bitwarden

Since I started using bitwarden I've been shocked by how many sites forbid long password or special characters in passwords

14:04

At least they don't just remove those chars and shorten the pw without warning you, my bank used to do that

deen

Since I started using bitwarden I've been shocked by how many sites forbid long password or special characters in passwords

agreed

a 22 character alphanumeric password gives you 128 bit security, which is enough

Sure, but if you do anything other than hashing a pw you're probably doing something wrong

14:06

and for hashing special chars and length don't matter much

md5 uses 128 bit and there's nothing wrong with md5 monkaS

length yes (outside of protection against DoS by really long passwords >1kb), special chars might be a customer help issue when people try to type their passwords on different keyboards

14:07

hitler was vegetarian

could've been worse

heinrich5991

length yes (outside of protection against DoS by really long passwords >1kb), special chars might be a customer help issue when people try to type their passwords on different keyboards

Max upload size is limited in PHP by default.

@Fän django had a DoS vulnerability with password length. max upload size sounds like something in the range of >10mb, so maybe that wouldn't help with intentionally slow password hashing algorithms

heinrich5991

@Fän django had a DoS vulnerability with password length. max upload size sounds like something in the range of >10mb, so maybe that wouldn't help with intentionally slow password hashing algorithms

PHP usually instantly dies if max upload size is hit

14:10

(>2Mb by default iirc)

By default, the maximum upload file size for PHP scripts is set to 128 megabytes.

It's set to 2MB with Plesk.

django restricted password length to 4KB following the DoS vulnerability

14:13

sounds like the max upload size wouldn't really help in that case

14:13

(also, django is a python framework, not php)

I don't know django at all

14:13

so makes sense

14:13

We use Laravel for anything custom

Jupeyy

[ddnet/ddnet] Pull request opened: #4199 Rename VERSION to VERSION.txt

just a test if that fixes macOS build

Checklist

[ ] Tested the change ingame
[ ] Provided screenshots if it is a visual change
[ ] Tested in combination with possibly related configuration options
[ ] Written a unit test if it works standalone, system.c especially
[ ] Considered possible null pointers and out of bounds array indexing
[ ] Changed no physics that affect existing maps
[ ] Tested the change with [ASan+UBSan or valgrind's memcheck](https://github.com/d...

im not gonna remember a 22 char pw so why not just use a 60 char one

I see no advantage of a 60 character password over a 22 character password

14:23

a little advantage of shorter passwords, an advantage that I used before, is: you can copy them more easily by typing them (into a not-fully-trusted computer)

Ryozuki

now im using 60+ length passwords monkalaugh

some services can't keep 60 length password kekw

none that i use cant

14:24

also i dont share passwords so i would just use a shorter for that

bors[bot]

[ddnet:master] 2 new commits

ce9a962 Rename VERSION to VERSION.txt - Jupeyy a4591bd Merge #4199 - bors[bot]

14:40

bors[bot]

[ddnet/ddnet] Pull request closed: #4199 Rename VERSION to VERSION.txt

bors[bot]

[ddnet:master] 3 new commits

bce74cd Properly export antibot DLL symbols on Windows, this time for real - heinrich5991 ca95a13 Always support resizing, remove gfx_resizable - def- 353f265 Merge #4197 #4198 - bors[bot]

14:52

bors[bot]

[ddnet/ddnet] Pull request closed: #4197 Properly export antibot DLL symbols on Windows, this time for real

14:52

bors[bot]

[ddnet/ddnet] Pull request closed: #4198 Always support resizing, remove gfx_resizable

bors[bot]

[ddnet:master] 9 new commits

6c452c1 Record tee position at the end of the tick - Zwelf aa41b60 Don't record sv_reserved_slots_pass in teehistorian - Zwelf d6912f7 Record team change in teehistorian - Zwelf 81f4263 Record team practice mode making replay easier - Zwelf eacd314 Move team and practice mode recording to the beginning of the tick - Zwelf e9dec00 Address review to make code more consistent - Zwelf c6ef672 Reset team of player leaving to 0 in teehistorian - Zwelf 3c1e0fe Use SDL_FlashWindow to request user's attention - Jupeyy 121c6d1 Merge #3879 #4079 - bors[bot]

15:02

bors[bot]

[ddnet/ddnet] Pull request closed: #3879 Use SDL_FlashWindow to request user's attention

15:02

bors[bot]

[ddnet/ddnet] Pull request closed: #4079 Make teehistorian easier to reproduce

bors[bot]

[ddnet:master] 4 new commits

9e17281 invalidate texture when unloading a texture. - oy d60e330 Pointer naming convention in UnloadTexture - ChillerDragon de4e1ea Merge UnloadTexture with UnloadTextureNew - ChillerDragon 43e6990 Merge #4157 - bors[bot]

15:27

bors[bot]

[ddnet/ddnet] Pull request closed: #4157 invalidate texture when unloading a texture.

bors[bot]

[ddnet:master] 9 new commits

07b85a2 highlight self in kill messages - Azorlogh 7024326 Merge branch 'master' of github.com:Azorlogh/ddnet - Azorlogh bb8d746 remove unneeded variable - Azorlogh 96f25d3 fix default colors - Azorlogh 5e98fa9 null check pLocalInfo - Azorlogh 72ab669 use m_LocalClientID instead of m_pLocalInfo->m_ClientID - Azorlogh 40ab93c capitalize Color & remove superfluous toggle - Azorlogh 7552bfd set defaut highlight color in kill message to white - Azorlogh 73de789 Merge #4188 - bors[bot]

15:37

bors[bot]

[ddnet/ddnet] Pull request closed: #4188 Add option to highlight self in kill messages

I saw you typing!

15:49

oh ma gawd

hm. wasn't you ^^

Was me :P

15:51

I was going to write about an idea I randomly got when I noticed I only get 5Gb of roaming data in europe

did you know that discord disabled typing notifications while facebook was down? ^^

heinrich5991

did you know that discord disabled typing notifications while facebook was down? ^^

Hm, because of too much traffic?

yes

15:52

what is that idea? is there not enough free wifi in sweden?

Learath2

I was going to write about an idea I randomly got when I noticed I only get 5Gb of roaming data in europe

I get unlimited minutes,how feasible is it to hack together an internet connection a la dialup? :D

oh ma gawd²

Circa 2005 :P

I think GER2 went poof

15:53

$ddos

Server Status

server| +- | ▲ pps | ▼ pps

MAIN | up | 417| 414

MASTER| up | 97| 139 flag_unk

FRA | up | 2.23k| 2.63k

GER1 | up | 1.91k| 2.31k

GER2 |down| |

POL2 | up | 969| 1.09k

RUS4 | up | 3.71k| 4.37k

TUR2 |ddos| 2.67k| 775

IRN | up | 226| 110

CHL2 | up | 2.21k| 1.09k

BRA3 | up | 3.3k| 3.97k

USA2 | up | 505| 670

CAN2 | up | 36| 37

CHN1 | up | 5.44k| 6.22k

CHN2 | up | 1.35k| 1.77k

CHN3 | up | 2.03k| 2.65k

CHN4 | up | 2.57k| 3.1k

CHN5 | up | 899| 1.08k

CHN6 | up | 4.1k| 5.22k

CHN8 | up | 1.45k| 1.88k

JAP2 | up | 1.52k| 1.87k

KOR2 | up | 1.03k| 984

SGP2 | up | 292| 314

ZAF2 | up | 373| 342

not entirely poof

15:54

I'm still on it

Hetzner finally decided they've had enough of us? :D

heinrich5991

what is that idea? is there not enough free wifi in sweden?

Keep forgetting this is a thing in europe... ofc there is free wifi, even in busses

in europe as opposed to?

Turkey

15:57

Free wifi is non-existant there. Even in places where it exists its like dialup speeds

15:59

Its everywhere in italy too but italy also decided 1mbps is enough

heinrich5991

[ddnet/ddnet] Pull request opened: #4200 teehistorian: Test statefulness of PLAYER_TEAM and TEAM_PRACTICE

Checklist

[ ] Tested the change ingame
[ ] Provided screenshots if it is a visual change
[ ] Tested in combination with possibly related configuration options
[x] Written a unit test if it works standalone, system.c especially
[ ] Considered possible null pointers and out of bounds array indexing
[ ] Changed no physics that affect existing maps
[ ] Tested the change with [ASan+UBSan or valgrind's memcheck](https://github.com/ddnet/ddnet/#using-addresssanitizer--u...

i think there is free wifi here in barcelona too

16:09

but idk for sure i have 50gb data i never use monkalaugh

16:09

so many prs

16:09

when next version

16:11

https://github.com/ddnet/ddnet/compare/15.5.4...master

16:11

its already double size

16:11

double commit size*

16:11

than this https://github.com/ddnet/ddnet/compare/15.4...15.5.4

16:11

433 vs 210 poggers

edg-l

[ddnet/ddnet] Issue closed: #4186 Kill board feature: highlight player's name

"address":"tw-0.6+udp://connecting-address.invalid:8303"

16:19

is that too overkill? allows the server to specify the connection URL with only the IP address missing, because it might not know its own IP address

16:19

(for the register API)

16:19

alternative would be something like "port":"8303", would make it harder to add query parameters etc. though

16:20

"port":8303, I mean

huge release, epic

i mean

@Learath2 @Ryozuki you sure have an opiion on the above?

why make address be so cluttered, maybe just put "twprotocol: "0.6", "protocol": "udp" address: "ip or null", port: ""

16:21

this seems more machine friendly

16:21

no need to parse

Above as in the statefulness pr or the protocol stuff?

bors[bot]

[ddnet:master] 3 new commits

fbb98c8 teehistorian: Test no-op function calls as well - heinrich5991 1bffc6e teehistorian: Test statefulness of PLAYER_TEAM and TEAM_PRACTICE - heinrich5991 caf931f Merge #4200 - bors[bot]

16:21

bors[bot]

[ddnet/ddnet] Pull request closed: #4200 teehistorian: Test statefulness of PLAYER_TEAM and TEAM_PRACTICE

protocol

whats the exact format for tw-0.6

I think you can omit the protocol

the idea of making the connection a URL at all is that you can copy-paste it into the client

what if someone makes their format dd+0.7

16:22

ah

0.6 will never run over quic

16:22

Nor will ddnet15 e.g.

ddnet runs over w(eb)s(ockets) though

Hm that is an issue :/

16:23

Do we need to let ws servers register?

anyway, the scheme isn't really up for debate, it's already locked in stone

well its ok

as in it's used in the server info

16:24

I was more wondering how to to the registration

Ah, I see what you mean

def-

[ddnet-libs:pr-pngdll] 1 new commit

8f46ff0 Use libpng dll for windows instead - def-

16:24

def-

[ddnet/ddnet-libs] New branch created: pr-pngdll

16:24

def-

[ddnet/ddnet-libs] Pull request opened: #18 Use libpng dll for windows instead

Well I think sending it in pieces is easier, no? I don't like string paraing to figure out where to insert the ip

def-

[ddnet-scripts:master] 1 new commit

73616c1 Use libpng dll - def-

it's probably not easier, there are URL parsing libraries for rust (which the master server was going to be written in, or not?)

16:26

I currently have:

yes

16:27

a url parsing lib made by mozilla

16:27

fully compliant

Wym not easier? Separate fields would just be combined with a format!

https://docs.rs/url/2.2.2/url/

url - Rust

rust-url is an implementation of the URL Standard for the Rust programming language.

    if register.address.scheme() != "tw-0.6+udp" {
        return Err("register address must start with tw-0.6+udp://".into());
    }   
    if register.address.host_str() != Some("connecting-address.invalid") {
        return Err("register address must have domain connecting-address.invalid".into());
    }
    // [...]
    let mut address = register.address.clone();
    address.set_ip_host(remote_address).unwrap();

https://github.com/servo/rust-url

not easier if you want to ensure that it results in a well-formed URL. mh. maybe, since IP addresses are always well-formed in the URL

Ah with a lib I can see how it's not hard

what about ipv6

it'll™ be supported by making the game server connect via IPv4 and IPv6 to the master server alternatingly

I think you have a token to merge the two registrations or sth, right?

that's the current plan, a secret token by the game server

Proxy support, when?

wdym, proxy support? for client <-> game server connections?

client <-> proxy <-> game server

reverse proxy or forward proxy? probably reverse?

reverse

16:35

basically just add "real ip header" support

16:35

in udp app

yea

that would do tbh

plus write a proxy

We already have an XDP proxy for FiveM

16:35

I can likely release one publicly for ddnet

16:36

Idea is to basically offer proxies just using ip:port

16:36

without any setup on the actual machine running the game server

is there some standard UDP reverse proxy format we could emulate?

16:38

doesn't sound too hard otherwise

I'm not aware of any

16:38

maybe just add an "ip" field in the handshake packet?

not to all packets?

no, just to the handshake.

ok, that sounds a bit more complicated then, but still not too much

this would likely not be required at all, depending on if bans are IP based or not

bans are IP based

Well yeah, there's the issue then

16:39

Check handshake packet for ip field, if it's not-set, use connection ip

16:40

otherwise, register using IP in handshake

if reverse proxy mode is on

smiliar to X-Forwarded-For in nginx

otherwise you're opening up yourself to be spoofed for all non-reverse-proxied servers

Obviously you would set the proxy ranges to be whitelisted, everything else trying to act as a proxy would be dropped / not acked (edited)

but there are servers without reverse proxy, these must not accept the IP in the handshake header. so it must be a config option to enable the use of that header

I'm not saying it should be a required header

16:42

simply check packet length, that way you can determine if the header is there or not (edited)

16:42

and of course add a toggle for proxy support

@heinrich5991 Why does my server does not show up in the master in DDNet?

17:44

45.144.246.102:8303

17:48

it doesnt register

17:53

now it is there for some reason, did i implement something incorrectly regarding the 0.6 register?

17:53

it was like this before already, i never understood why because a manual request using Leak IP worked always

what does "it doesn't register" mean?

18:06

is it registered to the old masterservers?

18:07

hm, it shows up now

@trml: did you plan to finish #4176 any time soon?

#4176

https://github.com/ddnet/ddnet/pull/4176

Entity switch prediction by trml · Pull Request #4176 · ddnet/ddnet

Adds the prediction for pickups and projectiles (based on #4108) For blinking entities (deactivated by switch) I also used the extended info to make the blinking effect happen client-side. So inste...

Jupstar ✪

@trml: did you plan to finish #4176 any time soon?

yes, think I can finish it soon, since I have most of the code done (not commited yet)

awesome, makes the next release even better